Re: [OSL | CCIE_RS] ACL Wildcards

Mon, 08 Jun 2009 03:39:40 -0700 

Hi,
This is for one octet, but is there a step-by-step checklist for one you have difference in more octets. How you can come to exactly how many entries, and what they are? I looked through the BLS videos and they helped a bit. Its more when you are presented with a list of multiple entries, how do you start? 

Sincerely,
Kim Pedersen

desmond Black wrote:


Good explantion man!!

    ----- Original Message -----
    From: "Bryan Bartik"
    To: "JEREMY FURR (RIT Student)"
    Cc: [email protected]
    Subject: Re: [OSL | CCIE_RS] ACL Wildcards
    Date: Fri, 5 Jun 2009 21:50:00 -0600

    I don't know of any books but there is a video in the R&S Blended
    Learning Solution with some examples and exercises. This is how I
    do it:

    Focusing on your third octet you have

    5
    10
    13
    14

    In binary that is:

    0000 0101
    0000 1010
    0000 1101
    0000 1110

    We will not be able to use a one-line ACL with this. The only way
    a one line ACL can match only 4 networks is if the the number of
    differing bits is 2 (2^2 = 4). In this case we have 4 differing
    bits, so the least amount of networks we could match with a
    one-line ACL would be 2^4=16. But we may be able to break it into
    2 ACLs.

    5 and 13 only differ in one bit (bit 3)
    10 and 14 only differ in one bit (bit 2)

    So we can use 1 ACL line for each. Here is 5 and 10:

    0000 0101
    0000 1101
    ---------------
    0000 0101 AND = 5
    0000 1000 XOR = 8

    192.168.5.0 0.0.8.0

    Now for 10 and 14

    0000 1010
    0000 1110
    ---------------
    0000 1010 AND = 10
    0000 0100 XOR = 4

    192.168.10.0 0.0.4.0

    So you would have a 2 line ACL

    192.168.5.0 0.0.8.0
    192.168.10.0 0.0.4.0

    -hth

    On Fri, Jun 5, 2009 at 8:11 AM, JEREMY FURR (RIT Student)
    <[email protected] <mailto:[email protected]>> wrote:

        Does anyone know of a website or book that explains well how
        ACL wildcards work? I have been trying to filter out four
        blocks from a bunch of route advertisments but just can't get
        the three I want through, this is what I have R2
        is originating 192.168.2.0/24 <http://192.168.2.0/24> through
        192.168.15.0/24 <http://192.168.15.0/24> in RIP to R1. I want
        to only accept blocks 192.168.5.0, 192.168.10.0, 192.168.13.0
        and 192.168.14.0

         
        If I use acl with 192.168.10.0 0.0.4.0, I will get 10 and 14

        but not thirteen. For the 5 network I just use the 192.168.5.0

        0.0.0.255.  
         
        Any thoughts or help would be appreciated.
         
        Jeremy Furr


        [email protected] <mailto:[email protected]>





    -- 
    Bryan Bartik

    CCIE #23707 (R&S), CCNP
    Sr. Support Engineer - IPexpert, Inc.
    URL: http://www.IPexpert.com



Desmond Black,
In Pursuit of CCIE!!
India

  


--
Be Yourself @ mail.com!
Choose From 200+ Email Addresses
Get a *Free* Account at www.mail.com <http://www.mail.com/Product.aspx>!


--

// Freedom Matters
// Follow my progress on: http://kpjungle.wordpress.com























					Reply via email to